2 matches found
CVE-2022-36412
In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. An API request may, in effect, be executed with the credentials of a user who authenticated in the past...
openstack-keystone: denial of service via V3 API authentication chaining
A flaw was found in the keystone V3 API. An attacker could send a single request with the same authentication method multiple times, possibly leading to a denial of service due to generating excessive load with minimal requests. Only keystone setups with the V3 API enabled were affected by this...